Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
File: fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa (raw, json)
Hash identifier: +W+97Mvfp4Ql3JlJ/xxLikoRO1w1G4ne2Dcj/d8ePq0=
Subject key identifier: B8:D4:FC:9D:37:2A:EB:69:F8:9C:09:48:F7:DC:77:44:EA:43:B3:43
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5918F5E0983F5D36602F79ECDC4CDA3B40EEE011
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:18:f5:e0:98:3f:5d:36:60:2f:79:ec:dc:4c:da:3b:40:ee:e0:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=3e2684cf10f85656c3d2f9806c47752007c91a0728f895b9a96a38dfb89c1515, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:26:87:c4:7e:b6:ed:a1:3a:66:0e:5f:f2:1d:
16:e4:27:1e:33:7f:e9:03:6c:7c:16:a6:c0:a7:e6:
46:b7:c3:3b:09:d2:ff:b8:f7:8e:e9:86:9d:50:d3:
d1:14:a0:f9:a1:e3:37:25:b5:5c:72:a9:3b:02:cf:
57:da:b3:59:04:30:4f:d8:cf:4a:b7:9c:6a:77:08:
96:b9:6f:a0:d4:94:56:4f:cd:36:b0:32:2d:8f:d3:
c4:c2:ec:77:fd:8e:59:1e:d3:36:c5:22:67:ae:a9:
5f:be:f9:ec:2c:a6:ff:a0:43:ea:a9:b8:5f:75:bd:
49:40:8e:7b:57:69:eb:91:ce:d7:59:4d:57:07:34:
f5:eb:bb:72:d9:cb:10:28:b1:33:e8:39:b9:5b:54:
09:e9:df:bb:e0:30:e7:0b:bf:e8:ee:bf:ce:6a:d3:
dc:f2:4f:5b:27:02:36:d1:42:de:a7:ce:09:da:4b:
1d:7d:c8:25:32:8c:cd:bf:d8:8d:66:1c:1a:08:7f:
e5:4e:9d:66:b5:a6:62:6b:3e:89:b1:4e:e0:e6:6f:
fe:11:42:13:e1:40:b7:07:46:14:0c:3a:02:5c:cd:
0b:1b:5d:a9:58:45:75:df:d9:f3:40:18:d4:f8:14:
0b:11:49:01:d8:f5:e4:4c:fc:d1:07:3e:b1:df:04:
c0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D4:FC:9D:37:2A:EB:69:F8:9C:09:48:F7:DC:77:44:EA:43:B3:43
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:9c:9c:6b:26:e0:b2:86:bc:d6:48:75:35:d8:57:53:52:14:
0b:c5:93:79:8f:4c:b7:5c:b9:d1:96:9d:48:1a:ff:c3:39:23:
49:dd:01:9b:7c:5e:90:8e:9f:34:86:e1:cc:1f:cb:7b:3b:07:
95:20:5d:b1:33:6a:18:62:ed:7e:06:73:4e:79:5b:5c:80:a3:
74:af:e9:03:f6:3a:ca:7e:f0:ce:f3:46:32:4d:4a:83:32:48:
d5:e9:18:a1:df:0a:8c:be:a7:01:5a:38:13:9a:55:df:7d:0a:
a0:c8:25:cc:0d:09:de:fc:b9:5c:a6:a9:5b:f5:a2:16:11:b3:
35:82:e5:b6:11:a3:72:f0:28:8c:3a:45:86:3e:f0:dc:24:a5:
61:58:c5:40:ec:09:e4:8c:f8:9c:f5:6e:76:9e:af:07:5d:ec:
59:03:f9:59:3c:4d:b3:fe:93:74:65:43:cf:a1:9e:2d:9b:f5:
d5:2b:8a:b4:6a:5f:c6:b6:a2:3c:5e:bc:42:ff:43:78:21:85:
5b:9c:91:85:ea:01:03:d6:94:90:ec:99:f0:8c:5a:da:29:29:
fd:7c:69:7b:40:cd:16:5a:92:6e:3f:46:4c:09:28:b2:d9:82:
16:8c:e4:a9:e4:9f:48:2e:55:92:82:e2:61:ee:4a:8c:f4:0b:
1a:1b:ce:56
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWRj14Jg/XTZgL3ns3EzaO0Du4BEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlMjY4NGNmMTBmODU2NTZjM2QyZjk4MDZjNDc3NTIwMDdjOTFhMDcyOGY4
OTViOWE5NmEzOGRmYjg5YzE1MTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYmh8R+tu2hOmYOX/IdFuQnHjN/6QNsfBamwKfmRrfDOwnS/7j3jumGnVDT
0RSg+aHjNyW1XHKpOwLPV9qzWQQwT9jPSrecancIlrlvoNSUVk/NNrAyLY/TxMLs
d/2OWR7TNsUiZ66pX7757Cym/6BD6qm4X3W9SUCOe1dp65HO11lNVwc09eu7ctnL
ECixM+g5uVtUCenfu+Aw5wu/6O6/zmrT3PJPWycCNtFC3qfOCdpLHX3IJTKMzb/Y
jWYcGgh/5U6dZrWmYms+ibFO4OZv/hFCE+FAtwdGFAw6AlzNCxtdqVhFdd/Z80AY
1PgUCxFJAdj15Ez80Qc+sd8EwNUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS41Pyd
NyrraficCUj33HdE6kOzQzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmJjMjYwZmMtODI2ZC00ZDEzLWEyMGEtM2RmMmVjOTVjZjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQBmnJxrJuCyhrzWSHU12FdTUhQLxZN5j0y3XLnRlp1I
Gv/DOSNJ3QGbfF6Qjp80huHMH8t7OweVIF2xM2oYYu1+BnNOeVtcgKN0r+kD9jrK
fvDO80YyTUqDMkjV6Rih3wqMvqcBWjgTmlXffQqgyCXMDQne/Llcpqlb9aIWEbM1
guW2EaNy8CiMOkWGPvDcJKVhWMVA7AnkjPic9W52nq8HXexZA/lZPE2z/pN0ZUPP
oZ4tm/XVK4q0al/GtqI8XrxC/0N4IYVbnJGF6gED1pSQ7JnwjFraKSn9fGl7QM0W
WpJuP0ZMCSiy2YIWjOSp5J9ILlWSguJh7kqM9AsaG85W
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:35:26 2024 by rpki-client on console-ams.rpki-client.org